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REMARKS 

In the final Office Action, 1 the Examiner rejected claims 9 and 14 under 35 U.S.C. 
§ 103(a) as being unpatentable over U.S. Patent 5,537,314 to Kanter ("Kanter) in view 
of U.S. Patent 6,594,640 to Postrel ("Postref) and U.S. Patent 6,012,039 to Hoffman et 
al. {"Hoffman"). Applicant respectfully traverses the rejection because a prima facie 
case of obviousness has not been established. 

Claim 9, as amended, recites a point transfer dealer system comprising, among 
other things, "a point redemption system for receiving first data encrypted using a public 
key of the point redemption system from the customer, the first data comprising second 
data encrypted using a private key of the customer." 

Kanter discloses "a participant's personal security number which can be used to 
verify against a code" (col. 17, lines 63-64) and "[t]he account number and security 
codes are examined to . . . verify the participants account . . . and the sponsoring 
company account having the same numbers and codes" (col. 23, lines 47-51). 
However, merely using of security number and code in Kanter cannot teach or suggest 
"data encrypted using a . . . key," as recited in claim 9. Kanter is completely silent with 
respect to any encryption or the use of public and private keys for encrypting. 

Postrel fails to cure the above-noted deficiencies of Kanter at least because 
Postrel is also silent with respect to any encryption or the use of public and private keys 
for encrypting. 

1 The Office Action contains a number of statements reflecting characterizations of the related 
art and the claims. Regardless of whether any such statement is identified herein, Applicant 
declines to automatically subscribe to any statement or characterization in the Office Action. 
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Hoffman discloses a "DES encryption algorithm, preferably . . . [employing] 
successive encrypt/decrypt/encrypt operations using two distinct 56-bit DES keys." 
Hoffman, col. 7, lines 13-16. A Triple DES, using decryption as the middle step, can be 
represented by DES(/c 3 ;DES" 1 (/c 2 ;DES(/c 1 ;/W))) l wherein /c 1} k 2 , and k 3 are keys and M is 
the message to be encrypted. Wikipedia, http://en.wikipedia.org/wiki/Triple DES , as of 
October 2, 2007 (copy enclosed). Therefore, in Hoffman, the same data is encrypted 
multiple times. However, mere multiple encryption of the same data cannot disclose 
encrypted data comprising another encrypted data within it. Therefore, the disclosure in 
Hoffman cannot teach or suggest "the [encrypted] first data . . . comprising [encrypted] 
second data," as recited in claim 9 (emphasis added). 

Hoffman further discloses "public/private key system may also be used to encrypt 
information." Hoffman, col. 7, lines 18-19. But again, the mere use of public and private 
keys in Hoffman does not disclose encrypted data comprising another encrypted data 
within it. Therefore, Hoffman also fails to cure the above-noted deficiencies of Kanter 
and Postrel. 

For at least the reasons give above, the cited references, taken alone or in 
proper combination, fail to disclose each and every element of claim 9. Therefore, a 
prima facie case of obviousness has not been established with respect to claim 9. In 
addition, claim 14, although different in scope from claim 9, is also allowable over the 
cited references for at least reasons similar to those given for claim 9. Accordingly, 
Applicant respectfully requests the Examiner to reconsider and withdraw the rejection of 
claims 9 and 14 under 35 U.S.C. § 103(a). 
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In view of the foregoing amendments and remarks, Applicant respectfully 
requests reconsideration of this application and the timely allowance of the pending 
claims. 

Please grant any extensions of time required to enter this response and charge 
any additional required fees to our deposit account 06-0916. 



Respectfully submitted, 



FINNEGAN, HENDERSON, FARABOW, 
GARRETT & DUNNER, LLP. 



Dated: October 2, 2007 




Michael R. Kelly 
Reg. No. 33,921 



Attachment: "Triple DES," Wikipedia (2 pages). 
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From Wikipedia, the free encyclopedia 

In cryptography, Triple DES is a block cipher formed from the Data 
Encryption Standard (DES) cipher by using it three times. 
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Acronyms 

Triple DES is also known as TDES or, more standard, TDEA (Triple 

Data Encryption Algorithm W). The non-standard convention to use 
DES (standard) when we actually mean DEA (algorithm) is so 
widespread that in order to avoid confusion we use it in this article. 
On the other hand, since there are variations of TDES which use two 
different keys (2TDES) and three different keys (3TDES) the non- 
standard abbreviation 3DES is confusing and should be avoided. 

Algorithm 

When it was found that a 56-bit key of DES is not enough to guard 
against brute force attacks, TDES was chosen as a simple way to 
enlarge the key space without a need to switch to a new algorithm. 
The use of three steps is essential to prevent meet-in-the-middle 
attacks that are effective against double DES encryption. Note that 
DES is not a group; if it were one, the TDES construction would be 
equivalent to a single DES operation and no more secure. 
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Three successive invocations of DES 



General 



Designer(s): 
First published 
Derived from: 

-T7 ■-■;*"-" — 



IBM 
: 1978 
DES ^ 



Key size(s): 112 (2TDES) or 168 bits (3TDES) 

Block size(s): 64 bits 

Structure: Feistel network 

Rounds: 48 DES-equivalent rounds 



Lucks: 2 32 known plaintexts, 2 113 operations including 



2 90 DES encryptions, 2 5iS memory; Biham: find one of 



9R 

2 target keys with a handful of chosen plaintexts per 
key and 2 84 encryptions 



The simplest variant of TDES operates as follows: DES^jDES^jDES^pM))), where Mis the message block to be encrypted 
and k {> and & 3 are DES keys. This variant is commonly known as EEE because all three DES operations are encryptions. In 
order to simplify interoperability between DES and TDES the middle step is usually replaced with decryption (EDE mode): DES 

(£ 3 ;DES " ^jDES^jM))) and so a single DES encryption with key k can be represented as TDES-EDE with L=k 2 = k, = k. 
The choice ordecryption for the middle step does not affect the security of the algorithm. 



Security 

In general TDES with three different keys (3TDES) has a key length of 168 bits: three 56-bit DES keys (with parity bits 3 TDES 
has the total storage length of 192 bits), but due to the meet-in-the-middle attack the effective security it provides is only 1 12 
bits. A variant, called two-key TDES (2TDES), uses kj = k 3 , thus reducing the key size to 1 12 bits and the storage length to 128 

bits. However, this mode is susceptible to certain chosen-plaintext or known-plaintext attacks ^ ^ and thus it is officially W 
designated to have only 80-bits of security. 

As of 2005, the best attack known on 3TDES requires around 2 32 known plaintexts, 2 1 13 steps, 2 90 single DES encryptions, and 
2 88 memory^ (the paper presents other tradeoffs between time and memory). This is not currently practical. If the attacker seeks 
to discover any one of many cryptographic keys, there is a memory-efficient attack which will discover one of 2 28 keys, given a 
handful of chosen plaintexts per key and around 2 84 encryption operations^. This attack is highly parallelizable and verges on 
the practical, given billion-dollar budgets and years to mount the attack, though the circumstances in which it would be useful are 
limited. 



http://en.wikipedia.org/w/index.php?title=Triple_DES&^ 
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Usage 

TDES is slowly disappearing from use, largely replaced by its natural successor, the Advanced Encryption Standard (AES). One 
large-scale exception is within the electronic payments industry, which still uses 2TDES extensively and continues to develop 
and promulgate standards based upon it (e.g. EMV). This guarantees that TDES will remain an active cryptographic standard 
well into the future. 

By design, DES and therefore TDES, suffer from slow performance in software; on modern processors, AES tends to be around 
six times faster. TDES is better suited to hardware implementations, and indeed where it is still used it tends to be with a 
hardware implementation (e.g., VPN appliances and the Nextel cellular and data network), but even there AES outperforms it. 
Finally, AES offers markedly higher security margins: a larger block size, potentially longer keys, and as of 2007, no known 
public cryptanalytic attacks. 

See also 

■ DES-X 

■ Walter Tuchman 

■ HorstFeistel 

■ Data Encryption Standard (DES) 

■ Advanced Encryption Standard (AES) 
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